| CPC G06F 21/44 (2013.01) [G06Q 20/00 (2013.01); G06Q 20/409 (2013.01)] | 13 Claims |
|
1. A method, comprising:
receiving, by an authorizer application hosted by a secure element of a user device, an authorization token associated with an operation of a cryptographic applet hosted by the secure element;
authenticating, by the authorizer application, the authorization token;
setting, by the authorizer application, authorization criteria for the operation of the cryptographic applet based at least in part on the authorization token;
receiving, by the authorizer application, an authorization status request from the cryptographic applet, wherein the authorization status request corresponds to the operation;
verifying, by the authorizer application, that the authorization status request complies with the authorization criteria;
transmitting, by the authorizer application, an authorization status to the cryptographic applet;
performing, by the cryptographic applet, the operation based at least in part on the authorization status;
generating, by the authorizer application, a nonce, wherein authenticating the authorization token is based at least in part on the nonce;
transmitting, by the authorizer application, the nonce, to a reader application of the user device; and
transmitting, by the reader application, the nonce to a first server, wherein the first server is configured to generate the authorization token based at least in part on the nonce.
|